Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-13604 |
Description: The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.4 via the 'kbs' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/kbs directory which can contain file attachments included in support tickets. The vulnerability was partially patched in version 1.7.3.2.
CVSS: HIGH (7.5) EPSS Score: 0.05%
April 5th, 2025 (16 days ago)
|
|
CVE-2025-32204 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in rocketelements Split Test For Elementor allows SQL Injection. This issue affects Split Test For Elementor: from n/a through 1.8.2.
CVSS: HIGH (7.6) EPSS Score: 0.04%
April 4th, 2025 (16 days ago)
|
|
CVE-2025-32203 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in manu225 Falling things allows SQL Injection. This issue affects Falling things: from n/a through 1.08.
CVSS: HIGH (7.6) EPSS Score: 0.04%
April 4th, 2025 (16 days ago)
|
|
CVE-2025-32159 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Radius Blocks allows PHP Local File Inclusion. This issue affects Radius Blocks: from n/a through 2.2.1.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 4th, 2025 (16 days ago)
|
|
CVE-2025-32157 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jakub Glos Sparkle Elementor Kit allows PHP Local File Inclusion. This issue affects Sparkle Elementor Kit: from n/a through 2.0.9.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 4th, 2025 (16 days ago)
|
|
CVE-2025-32156 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Alex Prokopenko / JustCoded Just Post Preview Widget allows PHP Local File Inclusion. This issue affects Just Post Preview Widget: from n/a through 1.1.1.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 4th, 2025 (16 days ago)
|
|
CVE-2025-32155 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in markkinchin Beds24 Online Booking allows PHP Local File Inclusion. This issue affects Beds24 Online Booking: from n/a through 2.0.26.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 4th, 2025 (16 days ago)
|
|
CVE-2025-32154 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Catch Themes Catch Dark Mode allows PHP Local File Inclusion. This issue affects Catch Dark Mode: from n/a through 1.2.1.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 4th, 2025 (16 days ago)
|
|
CVE-2025-32153 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in vinagecko VG WooCarousel allows PHP Local File Inclusion. This issue affects VG WooCarousel: from n/a through 1.3.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 4th, 2025 (16 days ago)
|
|
CVE-2025-32152 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Essential Plugins by WP OnlineSupport Slider a SlidersPack allows PHP Local File Inclusion. This issue affects Slider a SlidersPack: from n/a through 2.3.
CVSS: HIGH (7.5) EPSS Score: 0.13%
April 4th, 2025 (16 days ago)
|